A security policy would also ensure that there is a proper set of guidelines that the staff can follow in the events of security incidents and hence the staff would not be at a loss of how to react if such an incident, eg: unauthorized entry, fires, etc. The policy would also address security mechanisms in the company such as the implementation of proper up-to-date locks and electronic doors that the company would have.
A security policy can be composed of many factors. Two main elements which make up the policy would be network design factors and Internet threats.
Network Design Factors
This factor can be branched out into
- Data Assessment
- Host Addressing
- Application Definition
- Usage Guidelines
- Topology/ Trust Model
Internet Threats
This section contains the type of threat vectors that could come from the Internet
- Vulnerabilities
- Denial of Service
- Misuse
- Reconnaissance
In conclusion, security in an organization can be related to both the employees, as well as the proper implementation of security devices, these can only be done if there is a proper security policy established in the company.
No comments:
Post a Comment